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Top Stories 

• An international operation April 26 shut down dozens of Web sites, including many in the 
United States, which offered for sale information from about 2.5 million credit cards as 
well as other private data. - BBC News (See item 13) 

• A report found the Florida Highway Patrol lieutenant who ordered the reopening of a fog- 
and smoke-shrouded interstate shortly before a series of crashes killed 1 1 people was 
unaware of the agency’s procedures. The lieutenant also had no formal training in opening 
and reopening roads. - Associated Press (See item 17) 

• Cyberattacks on the U.S. federal government's IT systems skyrocketed 680 percent in 5 
years, an official from the Government Accountability Office testified at a Congressional 
hearing. - Infosecurity (See item 39) 

• Researchers found that equipment using RuggedCom's industrial networking gear has a 
password that is easy to crack, which can give attackers the means to sabotage myriad 
industrial operations. The researchers said that for years, the firm did not warn the power 
facilities, military facilities, and municipal traffic departments that use its technology about 
the flaw. -Ars Technica (See item 49) 
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Current Electricity Sector Threat Alert Levels: Physical: LOW, Cyber: LOW 
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1. April 26, Homeland Security News Wire - (National; International) Safe fracking 
require distance from sensitive rock strata. The chances of rogue fractures due to 
shale gas fracking operations extending beyond 0.6 kilometers from the injection 
source is a fraction of 1 percent, according to new research led by Durham University, 
Homeland Security NewsWire reported April 26. The analysis is based on data from 
thousands of fracking operations in the United States and natural rock fractures in 
Europe and Africa. It is believed to be the first analysis of its type and could be used 
across the world as a starting point for setting a minimum distance between the depth of 
fracking and shallower aquifers used for drinking water. The new study, published in 
the journal Marine and Petroleum Geology, shows the probabilities of "rogue" 
fractures, induced in fracking operations for shale gas extraction, extending beyond 0.6 
kilometers from the injection source are exceptionally low. The probability of fractures 
extending beyond 350 meters was found to be 1 percent. During fracking operations, 
fractures are created by drilling and injecting fluid into the rock strata underground to 
increase oil and gas production from fine-grained, low permeability rocks, such as 
shale. These stimulated fractures can significantly increase the rate of production of oil 
and gas from such rocks. Of the thousands artificially induced, none were found to 
exceed 600 meters, with the vast majority being much less than 250 meters in vertical 
extent. 

Source: http://www.homelandsecuritynewswire.com/dr2012Q426-safe-fracking- 
requires-distance-from-sensitive-rock-strata 

2. April 25, Charleston State Journal - (West Virginia) MSHA: 10 mining deaths in 
first quarter of 2012. The Mine Safety and Health Administration (MSHA) recorded 
10 mining deaths, 6 in coal mines, in the first quarter of 2012, the Charleston State 
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Journal reported April 25. Coal mine deaths occurred in the following categories: 
exploding vessels under pressure, drowning, handling materials, rib fall, machinery, 
and electrical. The MSHA noted an "uncharacteristic trend" of five of the fatalities 
occurring in five consecutive weekends. Three involved mine supervisors. The MSHA 
issued an accident prevention alert to the mining industry after the fourth consecutive 
death, but the fifth occurred after the notice had been issued. According to the MSHA 
release, the federal regulators have taken "a number of actions" to identify particular 
mines with health and safety problems. 

Source: http://www.stateiournal.com/storv/17745547/msha-10-mining-deaths-in-first- 
quarter-of-2012 

3. April 24, Associated Press - (Calfornia) San Bruno to consider tearing out deadly 
gas pipe. Officials in San Bruno, California, are considering ordering sections of the 
pipeline that caused a deadly explosion in 2010 to be ripped out of the neighborhood it 
set aflame. Residents have been pushing for the gas transmission line to be removed 
since it ruptured September 9, 2010. The blast and ensuing inferno killed eight people 
and destroyed 38 homes. Until recently, Pacific Gas & Electric Co. had said the 
company planned to plug its pipeline with concrete. The pipeline has not been in 
service since the explosion. City workers have recommended tearing out a portion of 
the pipeline but leaving in other sections and filling them with concrete. 

Source: http://www.fresnobee.com/2012/Q4/24/2812366/san-bruno-to-consider- 
tearing.html 

For another story, see item 49 
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Chemical Industry Sector 

4. April 25, Bakersfield Californian - (California) Fines totaling $32,000 proposed in 
pesticide drift incident. Kern County in California will issue fines totaling $32,000 in 
connection with a late March incident where pesticide drift from a crop dusting plane 
hit a school bus carrying 29 students. The fines were proposed April 25 by the county 
agricultural commissioner against Inland Crop Dusters, $30,000, and the pilot, $2,000. 
The fines are for three violations, including applying the pesticide Lorsban Advanced 
in conflict with its labeling, according to a notice of proposed action. The notice 
indicated officials took previous violations by Inland and the pilot into consideration in 
determining the fine. Inland's owner said he will request a hearing to contest the fines. 
Inland has received 7 citations for violations since 1999 and had its license suspended 
for 30 days in 1997. The March 29 incident occurred when a crop duster dropped a load 
of pesticide that drifted over a Rio Bravo-Greeley Union School District bus. About 15 
students complained of ailments, and all but one was treated on school grounds. 

Source: http://www.bakersfield.com/news/business/economy/x768326097/Fines- 
totaling-32-000-proposed-in-pesticide-drift-incident 

5. April 25, WFAA 8 Dallas-Fort Worth - (Texas) TCEQ alleges serious violations at 
Waxahachie chemical plant. Texas regulators April 25 handed down a list of alleged 
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violations against the Magnablend chemical blending plant in Waxahachie that caught 
fire and burned to the ground in October 2011. The plant was cited with four major 
violations from the incident, which caused pollutants and toxins to pour into the air and 
onto the ground. The Texas Commission on Environmental Quality (TCEQ) 
determined Magnablend caused a traffic hazard during the fire, failed to submit the 
required emissions report, exceeded emissions limitations, and created a hazardous 
nuisance. State officials also found fault with operations inside the plant, saying "aD| 
conditions at Magnablend which led to the fire and resulting emissions may have been 
prevented with proper engineering design, maintenance, and education." In March, the 
labor department released another list of major violations in connection with the fire, 
citing serious safety conditions inside the plant, including poor ventilation and failure 
to properly train employees. 

Source: http://www.wfaa.com/news/local/TCEQ-alleges-serious-violations-against- 
W axahachie-chemical-plant- 148971255 .html 

6. April 25, U.S. Environmental Protection Agency - (Oregon; National; International) 
EPA ensures Columbia Sportswear Company properly labels pesticide-treated 
clothing for domestic sale. Columbia Sportswear Company, headquartered in 
Portland, Oregon, sold and distributed mislabeled pesticide-treated clothing in violation 
of federal pesticide rules, according to a settlement with the U.S. Environmental 
Protection Agency (EPA) announced in an April 25 press release. The agency found 
the clothing labels lacked the required EPA pesticide registration number, a proper 
ingredient statement, a proper storage and disposal statement, and were missing the 
statement, "It is a violation of Federal Law to use this product in a manner inconsistent 
with its labeling." EPA immediately issued a Stop Sale Order on the products until they 
could be properly labeled by the company, which fully cooperated. Columbia will pay a 
fine of $22,880. The EPA first learned about the misbranded products by monitoring 
pesticide imports and finding that one of the firm's shipments coming into the United 
States had been denied entry at a foreign port. 

Source: 

http://vosemite.epa.gOv/opa/admpress.nsf/0/c09e9cbc5a32e852852579eb0064e7cb7Qp 

enDocument 



7. April 25, U.S. Environmental Protection Agency - (Oregon) EPA settles with BNSF 
Railway Company for improperly handling contaminated soil in north 
Portland. The BNSF Railway Company settled with the U.S. Environmental 
Protection Agency (EPA) for mishandling and transportation of contaminated soil from 
a construction project near the McCormick & Baxter Superfund site on the Willamette 
River near Portland, Oregon, according to an April 25 EPA press release. BNSF will 
pay a $37,500 penalty, although it did not admit to the allegations. Documents filed 
with the action show BNSF removed at least 36 cubic yards of soil containing 
pentachlorophenol, a listed hazardous waste. The EPA alleges BNSF failed to: properly 
characterize the excavated waste; lawfully store and manage it on site; and properly 
transport it from the site to a disposal facility equipped and permitted to handle such 
waste. Each failure violated hazardous waste law. Pentachlorophenol, a manufactured 
chemical, was used in wood treating that took place while the McCormick & Baxter 
facility operated. It is a restricted use pesticide that was used for decades as a wood 
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preservative for utility poles, railroad ties, and wharf pilings. Exposure to high levels of 
the chemical has been shown to cause liver damage, harm the immune system, and 
have damaging reproductive and developmental effects. The EPA has also identified 
pentachlorophenol as a probable human carcinogen. 

Source: 

http://vosemite.epa.gov/opa/admpress.nsf/d0cf6618525a9efb85257359003fb69d/d9elc 

f69a6c83356852579eb007d042a!QpenDocument 

For more stories, see items 1, 8, 10, and 18 
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Nuclear Reactors, Materials and Waste Sector 

Nothing to report 
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Critical Manufacturing Sector 

8. April 26, Associated Press - (International) Damaged German resin plant will be out 
of commission for at least 6 months. The owner of a German factory that makes a key 
resin used in auto parts said April 26 the plant will be out of commission until at least 
October. The Evonik Industries AG plant was badly damaged in a March 31 explosion 
and fire, setting off a mad scramble by global automakers to find substitute materials. A 
shortage of the resin is threatening to cut global car and truck production. The plant in 
western Germany makes at least a quarter of the world’s PA- 12, a nylon resin used in 
fuel and brake lines and hundreds of other auto parts. The plant also makes 70 percent 
of the global supply of CDT, a key ingredient of PA- 12 that is used by other companies 
that make PA- 12. 

Source: http://www.washingtonpost.com/business/industries/damaged-german-resin- 
plant- will-be-out-of-commission-for-at-least-6- 
months/2012/04/26/gIQAT3nwiT story.html 

9. April 25, U.S. Department of Labor - (Ohio) U.S. Department of Labor's OSHA 
cites Wrayco Industries in Stow, Ohio, for 14 health and safety violations. The U.S. 
Department of Labor's Occupational Safety and Health Administration (OSHA), April 
25 cited Wrayco Industries Inc. in Stow, Ohio, with 14 serious safety and health 
violations. The OSHA initiated an inspection in response to a complaint alleging 
numerous safety violations. Eleven serious safety violations included failing to: 
develop machine- specific lockout/tagout procedures to control hazardous energy; train 
employees to use portable fire extinguishers; adequately guard equipment; use 
electrical equipment according to labels and listings; and install stair railings. 
Additionally, three serious health violations involved failing to implement a hearing 
conservation program, a written respiratory protection program, and a written hazard 
communication program. 

Source: 
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http://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEAS 
ES&p id=22248 



10. April 25, U.S. Department of Labor - (Texas) U.S. Department of Labor's OSHA 
cites San Antonio-based A A Foundries for willful, multiple serious safety and 
health violations. The U.S. Department of Labor's Occupational Safety and Health 
Administration (OSHA), April 25 cited AA Foundries Inc. with 1 willful and 20 serious 
violations for exposing employees to excessive noise levels, lead, and copper at the 
company's work site in San Antonio. An investigation that began October 24, 2011, as 
part of OSHA's Primary Metals National Emphasis Program, found that employees 
were exposed to noise levels surpassing 85 decibels, as well as excessive airborne 
levels of lead and copper, while conducting operations such as pouring molds and 
grinding on metal cast. 

Source: 

http://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEAS 
ES&p id=22245 

11. April 23, U.S. Immigration and Customs Enforcement - (Maryland; Pennsylvania) 
Baltimore warehouse owners plead guilty in scheme to steal $1 million of nickel 
imported into the port of Baltimore. Two Baltimore warehouse owners pleaded 
guilty to conspiring to transport stolen nickel briquettes stored next to their warehouse, 
which had been imported through the Port of Baltimore, following an investigation by 
U.S. Immigration and Customs Enforcement. According to their plea agreements, the 
men opened Bear Creek Warehouse Company in 2006. Their primary customer was an 
international mining company that shipped cargo containers of nickel to the Port of 
Baltimore from mines outside the United States, then stored the nickel in the Bear 
Creek Warehouse. Beginning in 2006, the men began removing the mining company's 
nickel from the warehouse, setting it aside to sell later. In June 2006, one man 
approached a co-conspirator to sell the nickel in Pittsburgh. The co-conspirator 
contacted the owner of a Pittsburgh scrap metal company who agreed to buy the nickel. 
From 2006 through 2011, the warehouse owner sold the co-conspirator 80,000 pounds 
of nickel worth about $1 million. 

Source: http://rn.ice.gOv/news/releases/l 204/1 20423baltimore.htm?f=m 

For another story, see item 49 
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Defense Industrial Base Sector 



12. April 24, Associated Press - (Utah; International) Contractor to pay $36.9M for 
defective flares. Defense contractor ATK Launch Systems Inc. agreed to pay $36.9 
million in cash and services to settle a whistleblower’s complaint alleging the Utah- 
based company sold the military dangerous and defective illumination flares, the U.S. 
Justice Department announced April 23. ATK’s nighttime combat flares were supposed 
to withstand a 10-foot drop test without exploding or igniting, the agency said. The 
company must fix 76,000 flares remaining in the government’s inventory as part of the 
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settlement. The flares were made in Utah and sold to the U.S. Air Force and U.S. Army 
from 2000 to 2006, officials said. Phillips & Cohen LLP filed a whistleblower lawsuit 
in Salt Lake City on behalf of ATK flare program manager, triggering the federal 
investigation. The complaint dates back 10 years when the flares were made by a 
predecessor company, Thiokol Chemical Co., ATK said. Thiokol made the flares at 
Promontory, an industrial site in northern Utah. 

Source: http://www.armvtimes.com/news/2012/04/ap-contractor-pav-36m-defective- 
flares-042412/ 



For another story, see item 49 
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Banking and Finance Sector 

13. April 26, BBC News - (National; International) Credit card 'info for sale' websites 
closed in global raids. Dozens of Web sites offering credit card details and other 
private information for sale have been taken down in a global police operation, BBC 
News reported April 26. Britain's Serious Organized Crime Agency (SOCA) said the 
raids in Australia, Europe, the United Kingdom, and the United States were the 
culmination of 2 years of work. Two Britons and a man from Macedonia were arrested, 
with 36 sites shut down. Some of the Web sites have been under observation for 2 
years. During that period the details of about 2.5 million credit cards were recovered — 
preventing fraud, according to industry calculations, of about $809 million. The head of 
SOCA's cyber crime unit said criminals were selling personal data on an "industrial" 
scale. He said traditional "bedroom" hackers were being recruited by criminal gangs to 
write the malware or "phishing" software that steals personal data. Other information 
technology experts are used to write the code that enables the Web sites to cope, 
automatically, with selling the huge amounts of data. Joint operations April 26 in 
Australia, the United States, Britain, Germany, the Netherlands, Ukraine, Romania, and 
Macedonia led to the Web sites being closed down. 

Source: http://www.bbc.co.uk/news/uk-17851257 

14. April 25, Associated Press - (Florida) FBI: South Florida bank robberies on 
rise. The FBI said bank robberies are on the rise in south Florida in fiscal year (FY) 
2012 and may surpass the totals for each of the past 2 years, the Associated Press 
reported April 25. The FBI's Miami Field Office said there were 49 bank heists 
between October 1, 201 1 and the end of March in Florida counties stretching from 
Martin to Monroe. Those numbers are up 25 percent compared with the same time 
frame in FY 2011. If the trend holds, south Florida could see 100 bank stickups in FY 
2012. That compares with 75 in FY 2011 and 87 in FY 2010. FBI agents said most 
robberies are non-violent and do not involve the display of a weapon. About half of the 
FY 2012 bank robberies in south Florida have been solved. 

Source: http://www.businessweek.com/ap/2012-04/D9UClENG0.htm 

15. April 25, Reuters - (National; International) Former Morgan Stanley star in China 
pleads guilty. A former Morgan Stanley executive has pleaded guilty to conspiring to 
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evade internal controls required by a U.S. anti-bribery law, in a case that underlines the 
fall of a once high-flying dealmaker for the firm in China. The executive, who was a 
managing director in Morgan Stanley's real estate investment and fund advisory 
business, also settled related charges with securities regulators April 25, and agreed to 
roughly $3.7 million in sanctions and a permanent bar from the industry. The defendant 
secretly arranged to have millions paid to himself and a Chinese official and disguised 
the payments as finder's fees charged to Morgan Stanley, regulators said. Such 
payments violated the Foreign Corrupt Practices Act, which bars bribes to officials of 
foreign governments, the U.S. Securities and Exchange Commission (SEC) said. 
Morgan Stanley, which cooperated in the government's investigation, was not charged. 
The former executive had a personal friendship with the former chairman of a Chinese 
state-owned entity, Yongye Enterprise (Group) Co., which had influence over the 
success of Morgan Stanley's real estate business in Shanghai, the SEC said. He secretly 
arranged for both of them to acquire a valuable Shanghai real estate interest from a 
Morgan Stanley fund, it said. 

Source: http://www.reuters.com/article/2012/04/25/us-sec-rnorgan-stanley- 
idUSBRE8301DY2Ql 20425 



16. April 24, Associated Press - (California) 2 dozen arrested at Wells Fargo meeting, 
protest. Authorities have arrested about two dozen people who demonstrated inside 
and outside Wells Fargo's annual shareholders meeting April 24 in San Francisco. A 
San Francisco police sergeant said police arrested 20 protesters. At least 14 of them 
were inside the meeting in the city's financial district. Six others were arrested for 
trespassing. He said the San Francisco Sheriffs Department arrested another four 
people. The bank protest drew several hundred protesters criticizing the San Francisco- 
based company for pursuing home foreclosures, predatory lending, not paying enough 
taxes, and investing in private prison companies. Dozens of officers were stationed 
around the Merchant's Exchange Building in the city's financial district ahead of the 1 
p.m. meeting. Bank stockholders were asked to show certificates or other proof of 
ownership before being corralled past gates erected in front of the doors. 

Source: http://www.businessweek.com/ap/2012-04/D9UBIU9Q0.htm 

For more stories, see items 39 and 41 
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Transportation Sector 

17. April 26, Associated Press - (Florida) Report: Fla. Highway Patrol erred in opening 
smoke-shrouded 1-75 before crashes that killed 11. A Florida Highway Patrol 
lieutenant who ordered the reopening of a fog- and smoke-shrouded interstate highway 
shortly before a series of crashes killed 11 people was unaware of the agency’s 
procedures and had no formal training in opening and reopening roads, a state report 
said April 26. The Florida Department of Faw Enforcement report concluded troopers 
made errors but found no criminal violations. A highway patrol sergeant expressed 
concerns about reopening Interstate 75 in north Florida in January, after heavy smoke 
from a wildfire had forced its closure. But a lieutenant gave the order because he was 
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worried keeping the highway closed also would be dangerous. At least a dozen cars, 
pickup trucks, and a van, six semi-trailer trucks, and a motorhome collided in six 
separate fatal crashes in north Florida near Gainesville. Some vehicles burst into 
flames, making it difficult to identify the victims. Smoke from a wildfire mixed with 
fog blanketed the highway where it cut through Paynes Prairie State Park. 

Source: http://www.washingtonpost.com/national/fla-highwav-patrol-set-to-release- 
report-on-fog— smoke-shrouded-i-75-crash-that-killed- 
1 1/2012/04/26/gIQAsvmXiT story.html 

18. April 26, Associated Press - (Florida) Log truck driver cited by FHP in fatal 1-95 
crash. The driver of a tractor-trailer involved in a fatal pileup on Interstate 95 in 
Florida was cited for careless driving by the Florida Highway Patrol (FHP), the 
Associated Press reported April 26. An FHP spokeswoman said the driver was hauling 
timber on northbound 1-95 early the morning of December 29, 2011. She said he lost 
control of his vehicle and a load of logs was dumped onto the highway near Port 
Orange. The Daytona Beach News-Journal reported a car hit the logs and overturned. It 
was followed by a mail truck and a tractor-trailer filled with pesticide. Authorities said 
the chemical truck burst into flames and its driver was killed. Five others were injured. 
The fire caused northbound 1-95 to close for more than 12 hours as crews repaired the 
road. 

Source: http://www.mvsuncoast.com/news/state/storv/Log-truck-driver-cited-by-FHP- 
in-fatal-I-95-crash/E4vehIn0Kky9Wkbn7y6pfA.cspx 

19. April 24, Associated Press - (New York) NTSB blames faulty valve for 2010 NYC 
ferry crash. The National Transportation Safety Board (NTSB) said a faulty valve 
caused a Staten Island ferry accident that injured several people and caused minor 
damage in New York. The board met April 24 to discuss the May 8, 2010, accident. 

The vessel, the Andrew J. Barberi, slammed into a pier when the pilot could not get the 
ferry to slow down. NTSB investigators determined one of the ferry's propellers was 
stuck because of a jammed valve. 

Source: http://www.kfvsl2.com/story/17673655/ntsb-blames-faulty-valve-for-2010- 
nyc-ferry-crash 



20. April 23, Hannibal Courier-Post - (Missouri) Stolen railroad property recovered in 
Pike County. Three Missouri teenagers were charged with stealing for allegedly taking 
Kansas City Southern Railroad property, the Hannibal Courier-Post reported April 23. 
According to a Pike County sheriff, his department received a tip April 16 regarding 
the theft of railroad iron from the Bowling Green area. Deputies, working in 
conjunction with railroad authorities, discovered stolen metal at a local metal recycling 
facility. A Pike County prosecuting attorney charged all three suspects with the Class C 
felony of stealing. 

Source: http://www.hannibal.net/newsnow/xl780488886/Stolen-railroad-property- 
recovered-in-Pike-County 



For more stories, see items 3, 4, 7, 26, and 49 
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Postal and Shipping Sector 



21. April 26, Fox News; Associated Press - (Florida) Mail carrier robbed at gunpoint in 
Tampa, may have been seeking tax return checks. The U.S. Postal Service has 
offered a $50,000 reward for information leading to the arrest of two people who 
robbed a mail carrier at gunpoint April 25 in Tampa, Florida. Police said a man told the 
mail carrier to drive to another location. When they arrived, the suspect asked him 
where the checks were. Authorities believe the robbers were looking for federal income 
tax returns. The mail carrier was sorting mail in his truck when police said he felt a gun 
at his side. The Tampa Tribune reported the mail carrier told the suspect the checks 
might be in a tray. The suspect dumped the contents into a backpack and fled. He was 
joined at that point by a second man. 

Source: http://www.foxnews.com/us/2012/04/26/mail-carrier-robbed-at-gunpoint-in- 
tampa-may-have-been-seeking-tax-return/ 

22. April 25, Rock Hill Herald - (South Carolina) York man reports second mailbox 
explosion. A York County, South Carolina man told police someone blew up his 
mailbox for the second time, the Rock Hill Herald reported April 25. The man heard a 
loud noise just before midnight April 20, according to a York County Sheriffs Office 
report. When he looked outside, he saw flames. About a month ago, the man told 
deputies someone had blown up his plastic mailbox, though he had not reported it, the 
report states. His new mailbox was made of metal. Deputies looked inside the mailbox, 
which was scorched in several spots, the report said. There were pieces of brown paper 
inside and outside the mailbox, one of which appeared to be a fireworks mortar shell. 
The explosion caused pine needles on the lawn across the street to catch fire, but the 
man and neighbors put it out, the report stated. 

Source: http://www.heraldonline.com/2012/04/25/3922944/york-man-reports-second- 
mailbox.html 



23. April 23, Minneapolis Star Tribune - (Minnesota; National) Special delivery May 6 in 
Twin Cities will test terror attack plan. Nearly 40,000 Minnesota residents will go to 
their mailboxes May 6 to find an unusual delivery: an empty pill bottle representing a 
powerful antibiotic that would be delivered in the event of a bioterrorism attack. The 
exercise united the Minnesota Department of Health with the U.S. Postal Service. More 
than 300 mail carriers will participate in the test, fanning out across 4 neighborhoods in 
Minneapolis, St. Paul, Robbinsdale, and Golden Valley. They plan to reach 37,000 
households in 4 ZIP codes. The overall goal would be to deliver preventive doses of 
medication to most people within the first 48 hours of a bioterror attack. The exercise 
will spark an intense period of evaluation, when health officials will see if the idea 
could work under the most catastrophic public health conditions. The tactic has been 
tested in Boston, Philadelphia, and Seattle, but the Minnesota experiment will be its 
first full-scale test. A Postal Service spokesman said employee volunteers had to go 
through hours of safety training and preparation for the exercise — including being 
fitted with protective masks. Local law enforcement officials will escort postal workers, 
as they would be in a true emergency. The biggest logistical concern for the health 
department and Postal Service has been informing the participating communities. 
Source: http://www.startribune.com/lifestyle/health/148607855.html 
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Agriculture and Food Sector 

24. April 26, Market Watch - (International) Indonesia bans U.S. beef; Korea plans 
inspections. Indonesia said April 26 it will ban imports of U.S. beef, while South 
Korea announced stepped-up inspections on its imports and some Korean retailers 
halted sales of the product, amid heightened concerns over food safety after a 
California dairy cow was found to be infected with mad cow disease. Indonesia's vice 
agriculture minister said a ban on U.S. beef would be imposed April 26 and remain in 
place until there are assurances U.S. cattle are free of the disease, according to Dow 
Jones Newswires. Indonesia will reportedly boost imports of beef from Australia, New 
Zealand, and Canada to make up for the U.S. shortfall. Meanwhile, South Korea's two 
largest supermarket chains April 25 halted sales of U.S. beef, although the ban in one 
of the chains was later lifted, according to the Associated Press. South Korea, along 
with other Asian countries, banned U.S. beef in 2003 following a prior outbreak of the 
disease, and rescinded the ban in 2008. 

Source: http://www.marketwatch.com/story/indonesia-bans-us-beef-korea-plans- 
inspections-2012-04-26?reflink=MW news stmp 

25. April 26, Food Safety News - (National) Search underway for any more 'mad 
cows'. The dead Hanford, California dairy cow with laboratory-confirmed bovine 
spongiform encephalopathy (BSE) is now the centerpiece of an investigation into 
whether there are any more mad cows in the vicinity, Food Safety News reported April 
26. Dairymen in the Central Valley of California were told that state and federal 
officials are testing the BSE-infected animal's feeding herd, which could include some 
of its own offspring, and other cows in the area born about the same time. Baker 
Commodities, the Los Angeles-based company that owns the transfer rendering station 
at Hanford, also announced it was holding the diseased carcass in cold storage, as well 
as all other cows that arrived with it on the same truck. It was Baker's participation in a 
random sampling program that returned the BSE-infected brain tissue, 1 of 40,000 
samples the U.S. Department of Agriculture plans to take in 2012. The BSE-infected 
carcass was in quarantine where it will remain until state and federal officials order it 
destroyed. The exact location of the dairy farm where the diseased cow lived and died 
on or before April 18 has not been disclosed. The Hanford dairy cow did not show any 
"mad cow" signs — such as difficulty walking — before it died, making investigators 
especially interested in testing its calves and cohorts. 

Source: http://www.foodsafetvnews.com/2012/04/search-begins-for-other-mad-cows- 
in-central-valley/ 

26. April 26, Associated Press - (South Dakota) SD grain elevator fire prompts home 
evacuations. A grain elevator fire in the eastern South Dakota city of Miller prompted 
officials to close off roads and evacuate about 15 homes. Authorities said the fire was 
reported at Miller Grain late April 25. Homes downwind from the scene were 
evacuated as a precaution about 2 hours after the fire sparked because of concerns 
about strong winds and possible toxic fumes from rodent control chemicals. The 40 to 
50 residents were allowed to return home about 2 hours after they were evacuated. The 
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fire was under control 9 hours after it sparked, but an estimated 2 million pounds of 
sunflowers destined to become bird seed were still smoldering. The elevator was 
destroyed. 

Source: 

http://www.wisconsinrapidstribune.com/usatodav/article/39 14042 l?odyssey=modlnew 
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27. April 25, U.S. Food and Drug Administration - (National) Allergy alert on milk 
products in Mrs. Weaver's pimento spread. Reser’s Fine Foods, Inc. of Beaverton, 
Oregon, is voluntarily recalling 653 cases of 7-ounce Mrs. Weaver’s Pimento Spread 
that may have been packaged into containers marked Ham Salad, the U.S. Food and 
Drug Administration (FDA) reported April 25. The Ham Salad label does not list milk 
ingredients on the label. The recalled spread was distributed in Arkansas, Arizona, 
Florida, Louisiana, Mississippi, Oklahoma, Texas, and Washington between April 11 
and April 17. The problem was discovered by a company representative during a store 
visit. The company advised the FDA of this voluntary recall. 

Source: http://www.fda.gov/Safety/Recalls/ucm301824.htm 

28. April 24, Baltimore Sun - (Maryland) Invasive beetle found in cumin shipment 
bound for McCormick. A shipment of Indian cumin seed contaminated with the 
larvae of a dead Khapra beetle, an invasive insect, never made it to McCormick & Co.'s 
Hunt Valley facility and was to be sent back to India, the spice maker said April 24. 
U.S. Customs and Border Protection (CBP) agriculture specialists discovered the larvae 
and other seed contaminants during a search of the shipment at the port of Baltimore 
April 17. The next day, the U.S. Department of Agriculture confirmed the insect was a 
Khapra beetle, considered one of the most destructive pests, damaging grain, cereals, 
and stored food. The CBP said the Khapra beetle is the only insect the agency takes 
action against even when it is dead. The insect contaminates grain with body parts and 
hairs, which can cause gastrointestinal problems in adults and can especially sicken 
infants, according to a CBP statement. A McCormick spokesman said the discovery of 
an invasive insect like the Khapra beetle was not a "regular event." 

Source: http://articles.baltimoresun.com/2012-04-24/news/bs-bz-khapra-bettle- 
mccormick-20 1 20424 1 invasive-beetle -khapra-beetle-invasive-insect 

For another story, see item 60 
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Water Sector 



29. April 26, Associated Press - (New Hampshire) Conway, NH, wastewater treatment 
plant to get $12M upgrade. A wastewater treatment plant in Conway, New 
Hampshire, currently operating at capacity will receive a $12 million upgrade, the 
Associated Press reported April 26. The money from the U.S. Department of 
Agriculture will fund the construction of a pipeline from a wastewater treatment plant 
in Conway to a bigger one in North Conway. The larger plant will take on more 
wastewater treatment responsibilities. The current plant is also using outdated 
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technology that does not treat the water that it discharges into the Saco River for 
nitrogen and phosphorous, putting the river's health at risk. The state decided to put a 
moratorium on building permits in Conway because of the problem. 

Source: 

http ://w w w .therepublic .com/view/story/7 e2 1 cfb4ccd243bc927 0fb9c8 8093aa5/NH— 
Wastewater-Plant-Conway/ 



30. April 25, U-T San Diego - (California; International) Two million gallons of sewage 
hit TJ River — again. San Diego County officials said a second sewage release in less 
than a month lasted for 12 hours April 24, spewing 2 million gallons of sewage into the 
Tijuana River. The leak was caused by a broken sewer line near Mexico’s Rio Alamar 
which drains to the Tijuana River and eventually the Pacific Ocean. U-T San Diego 
reported it is unlikely the accident will result in major penalties because it happened in 
Mexico, where California officials have no authority. None of the sewage spilled April 
24 was recovered before it poured into San Diego County, according to the county 
environmental health department. It said beaches that typically would be closed by such 
a spill already were off-limits to water contact because of sewage-tainted flows that 
entered the United States since mid-March. It was not clear when beach closures would 
be lifted; health officials said they will remain in place until water testing shows the 
water is safe for swimmers and surfers. Despite hundreds of millions of dollars spent on 
both sides of the border, contaminated runoff from neighborhoods in Tijuana regularly 
streams into San Diego County following rains — and that problem is exacerbated by 
equipment failures and other upsets. A boundary commission spokeswoman said the 
agency expected to get its pumps back online April 26. 

Source: http://www.utsandiego.com/news/2012/apr/25/two-million-gallons-sewage-hit- 
south-bay/ 

31. April 25, Pennsylvania Infrastructure and Investment Authority - (Pennsylvania) 
Pennsylvania Governor announces $115 million investment in water 
infrastructure projects in 17 counties. The governor of Pennsylvania announced 
April 25 the investment of $115 million in 28 non-point source, drinking water, and 
wastewater projects in 17 counties. Of the $115 million total, $82 million is for low- 
interest loans and $33 million is offered as grants. The awards range from a $19 million 
loan/grant combination to upgrade a wastewater treatment system in McKean County 
to a $266,000 grant that will construct nutrient-management facilities on a farm in 
Lancaster County, contributing to the improvement in the water quality of the 
Chesapeake Bay. The funding comes from a combination of state funds approved by 
voters, federal grants to the Pennsylvania Infrastructure and Investment Authority 
(PENNVEST) from the Environmental Protection Agency, and recycled loan 
repayments from previous PENNVEST funding awards. 

Source: http ://www. market watch . com/stor y/go vernor-corbett- announces - 1 1 5 -million- 
investment-in-water-infrastructure-proiects-in-17-counties-2012-04-25 

32. April 25, WFMZ 69 Allentown - (Pennsylvania) DEP: PennDOT contractor drills 
into Tamaqua sewage line. Officials said a Pennsylvania Department of 
Transportation contractor drilled into Tamaqua, Pennsylvania's main sewage line April 
24, causing a sewage leak into the Little Schuylkill River at a rate of 1.5-million 
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gallons per day. State environmental officials said no fish were affected as of April 25 
but more testing would be needed. Tamaqua officials said the borough's water supply 
was not affected. State department of environmental protection officials said a 
permanent fix was expected April 26. 

Source: http://www.wfmz.com/news/DEP-PennDQT-contractor-drills-into-Tamaqua- 
sewage-line/-/ 121458/11 868094/-/xerfvs/ -/ 

For more stories, see items 1 and 5 
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Public Health and Healthcare Sector 



33. April 26, White Plains Journal News - (New York) Four Winds Hospital worker 
stole $40K, troopers say. A veteran employee of Four Winds Hospital in Cross River, 
New York, stole more than $40,000 from the facility over the past 4 years by falsifying 
records, state police said. She was arrested April 25 after an investigation by state 
police in Somers. As the director of patient accounts at the hospital that treats children 
and adults with mental-health issues, she falsified records many times, enabling her to 
steal the money. Police said she worked there for 26 years. 

Source: http://www.lohud.com/article/20120426/NEWS02/304260Q86/Four-Winds- 
Hospital- worker- stole-40K- troopers - say 

34. April 26, Stockton Record - (California) Thieves grab records at medical clinic. The 
Stockton Record reported April 26 that lab records containing data from at least 700 
patients, including Social Security numbers and insurance information, were stolen 
during a break-in at the Healthcare Clinical Faboratory Patient Service Center in 
Stockton, California; the laboratory is affiliated with St. Joseph's Medical Center. At 
least one lab patient reported an unauthorized attempt to open up a credit card in her 
name after being notified by a St. Joseph's privacy official and placing a fraud alert on 
her credit report, according to a hospital spokeswoman. Fab workers discovered 
February 2 that a storeroom window had been broken and that two storage boxes 
containing laboratory requisition forms were missing. It was initially determined the 
forms were connected to services provided to patients between December 13, 2011, and 
January 5, as well as between January 17 and 31. March 16, lab officials discovered an 
additional box was missing. It contained forms that related to services provided 
between October 24, 201 1, and November 18, 2011. In addition to notifying the police 
and government agencies, St. Joseph's believes it has contacted all affected patients by 
mail to recommend they take steps to protect their credit and offer them free enrollment 
in a credit-monitoring system. 

Source: 

http://www.recordnet.com/apps/pbcs .dll/article?AID=/20 1 20426/A NEW S/2042603 1 9 

35. April 25, WCMH 4 Columbus - (Ohio) Caller: There's a bomb at door, armed man 
inside. Columbus, Ohio police said bomb threats were called into three pharmacies 
around the same time April 24 before a robbery at only one of them. The caller said 
there was a bomb at the back door and an armed male inside the store. The caller told 
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the pharmacist to place several bottles of oxycodone and oxycontin in the drive-thru 
window. The caller then told the pharmacist to turn around, and a male in a dark jacket 
and gray, hooded sweatshirt scooped up the drugs and ran northbound in the alley. A 
police report listed the total value of the prescription drugs at $6,981.25. 

Source: http://www2.nbc4i.com/news/201 2/apr/25/7/police-bomb-threats-called- 
pharmacy-robbed-ar- 101 2734/ 

For another story, see item 23 
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Government Facilities Sector 



36. April 26, Rock Hill Herald - (South Carolina) 6 arrested after bomb threat at SC 
school. Students at Carolina Forest High School in Myrtle Beach, South Carolina, were 
back in class April 26 after a bomb threat forced an evacuation of the school April 25, 
according to a Horry County Schools spokeswoman. Horry County police said six 
people were arrested. Four were juveniles who were transported to the department of 
juvenile justice. Two are adults who were taken to a detention center, police said. 

Police said charges were pending and should be released April 26. April 25, a student 
found a note in a bathroom that said a bomb would go off. Horry County police’s bomb 
squad and additional officers searched the building. Nothing was found. It was the 14th 
bomb threat in the district in 2012. 

Source: http://www.heraldonline.com/2012/04/26/392530Q/6-arrested-after-bomb- 
threat-at.html 



37. April 26, Palm Beach Post - (Florida) Student's uncle arrested in connection with 
guns at Barton Elementary in Lake Worth. The uncle of a student at Barton 
Elementary School in Lake Worth, Florida, was arrested following an incident where a 
young girl brought two loaded guns to the school in a backpack, the Palm Beach Post 
reported April 26. The man was charged in federal court with felony possession of a 
firearm. He allegedly put the two firearms in his niece's backpack while he was 
attempting to move them from one apartment to a new apartment, according to a 
criminal complaint. School officials learned about the guns when another student 
spotted them in the backpack and reported them to a teacher. The girl acknowledged 
she had the guns in her backpack and said they belonged to her uncle, the complaint 
stated. Palm Beach County School Police, the Palm Beach Sheriffs Office, and the 
Federal Bureau of Alcohol, Tobacco, and Firearms investigated the incident. 

Source: http://www.palmbeachpost.com/news/schools/students-uncle-arrested-in- 
connection-with-guns-at-2324955.html 

38. April 25, Everett Herald - (Washington) Foul odor sickens 12 people at 

college. Classes at Everest College in Everett, Washington, were canceled through the 
morning April 26, a day after 1 1 people were taken to the hospital after reporting 
dizziness, nausea, and a foul odor. Everest College is a private institution that shares a 
six-story building with several businesses, officials said. The students' dizzy spells 
were not considered life-threatening. The Everett campus announced on a Web site that 
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classes were canceled through 10 a.m. April 26. Students were advised to check back 
for an update. Up to 200 people were in the building April 25. Students quickly left 
after being told classes were canceled. Medics evaluated 12 people. There were 35 
medics and firefighters on the scene. People in the building reported a mysterious odor, 
but fire officials could not pinpoint a cause. The building manager was told to have an 
industrial hygienist examine the structure. 

Source: http://heraldnet.com/article/20120425/NEWS01/704259820/-l/News 

39. April 25, Infosecurity - (National) Cyberattacks on U.S. federal IT system soared 
680% in five years. Cyberattacks on the federal government's IT systems skyrocketed 
680 percent in 5 years, an official from the Government Accountability Office (GAO) 
testified the week of April 23 on Capitol Hill. Federal agencies reported 42,887 
cybersecurity incidents in 2011, compared with just 5,503 in 2006, the director of 
information issues for the GAO told a House Homeland Security Committee panel. The 
incidents reported by the agencies included unauthorized access to systems, improper 
use of computing resources, and the installation of malicious software, among others. 
The GAO official said the sources of the cyberthreats included criminal groups, 
hackers, terrorists, organizational insiders, and foreign nations. “The magnitude of the 
threat is compounded by the ever-increasing sophistication of cyber attack techniques, 
such as attacks that may combine multiple techniques. Using these techniques, threat 
actors may target individuals, businesses, critical infrastructures, or government 
organizations,” he testified. The federal government's IT systems continue to suffer 
from "significant weaknesses" in information security controls, he said. Eighteen of 24 
major federal agencies have reported inadequate information security controls for 
financial reporting for fiscal year 2011, and inspectors general at 22 of these agencies 
identified information security as a major management challenge for their agency, he 
told the House panel. ’’Reported attacks and unintentional incidents involving federal, 
private, and infrastructure systems demonstrate that the impact of a serious attack could 
be significant, including loss of personal or sensitive information, disruption or 
destruction of critical infrastructure, and damage to national and economic security,” he 
warned. 

Source: http://www.infosecurity-magazine.com/view/25393/cyberattacks-on-us- 
federal-it-system-soared-680-in-five-years/ 



40. April 25, Hickory Daily Record - (North Carolina) Threatening note causes Catawba 
Valley Community College evacuation. Catawba Valley Community College 
(CVCC) evacuated its two Hickory, North Carolina campuses just before noon April 25 
because of a perceived threat. That threat was later revealed to be a note. Students, 
faculty, and staff on the main and east campuses were notified of the evacuation by 
loudspeaker announcements and the in-house TV system, as well as college personnel 
spreading the word and emergency texts and e-mail, said the CVCC president. A 
committee and school officials decided it would be best to evacuate the campus and 
cancel day and evening classes for the main and east campuses April 25. Classes 
resumed April 26. A gunman was spotted on CVCC’s east campus January 18, resulted 
in the east and main campuses being locked down for hours. The gunman was never 
caught. 
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Source: http://www2.hickoryrecord.com/news/2012/apr/25/12/threatening-note-causes- 
cvcc-evacuation-ar-2205949/# 



41. April 24, Softpedia - (National) UGNazi hackers launch DDOS attacks on CIA, 
DOJ sites to protest CISPA. Hackers from the UGNazi group launched attacks on the 
sites of the CIA and the Department of Justice (DOJ) April 24 to show they do not 
agree with a new anti-piracy law, the Cyber Intelligence Sharing and Protection Act 
(CISPA). While the site of the DOJ seemed to be restored, the one of the CIA was 
down for at least 8 hours. Starting the weekend of April 21, members of the UGNazi 
group were attacking sites that belong to the U.S. government and organizations they 
consider corrupt. Their first targets were the Web sites of New York City and the 
Government of the District of Columbia, which they considered to be “the heart” of the 
United States. Then they moved to NASDAQ, whose public facing Web site they kept 
down for a few hours. The State of Washington site was attacked April 21, being kept 
offline for more than 4 hours. 

Source: http://news.softpedia.com/news/UGNazi-Hackers-Launch-DDOS-Attack-on- 
CIA-DOJ-Site-to-Protest-CISPA-266Q33.shtml 



For more stories, see items 4, 12, and 49 



[ Return to top ] 

Emergency Services Sector 

42. April 26, Adrian Daily Telegram - (Michigan) 911 service out in Britton area. A 
fiber-optic telephone line in Britton, Michigan was damaged, causing a 9-1-1 outage 
for landlines in the Britton area, according to the Lenawee County Sheriffs 
Department. Cellphone users should not have problems calling 9-1-1. Neither a cause 
of the damage nor an estimated time of when repairs would be made was available 
April 26. In an emergency, people in the Britton area using a landline phone were 
instructed to call the dispatcher directly. 

Source: http://www.lenconnect.com/news/x787573609/91 1-service-out-in-Britton-area 

43. April 25, KTEN 10 Ada - (Texas) First responders endure evening with no 911 
service. April 21, Texas' Grayson County Emergency Management officials said a 
phone fiber line was cut by presumably a local construction company near Whitesboro, 
and 9-1-1 went offline in Whitesboro, Sadler, and Gordonville. In response, fire and 
police departments increased their patrols during the inconvenience. Instead of calling, 
they found a different way to keep in touch by using text messages. Residents were 
instructed to go to the nearest fire or police station if they had an emergency. The 
phone cables were repaired by about 6 hours later. 

Source: http://www.kten.com/story/17762445/first-responders-endure-evening-with- 
no-phone- service 

For more stories, see items 17 and 23 
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Information Technology Sector 



44. April 26, H Security - (International) Security improvements in Opera 12 beta. A 
beta of version 12 of the Opera Web browser was released with privacy and security- 
focused improvements. The browser now runs plugins out-of-process and includes 
optimizations for better SSL handling. Running plugins in their own process not only 
improves the smoothness and stability of the browser but also can limit the damage 
from some plug-in exploit. Privacy is enhanced with support for the "Do Not Track" 
(DNT) header, which is used to tell Web sites the browser user wishes to opt-out of 
online behavioral tracking. The DNT header is designed to help users retain their 
privacy when faced with online advertising networks that use cookies and other Web 
technologies to recognize them and serve them tailored advertising. 

Source: http://www.h-online.com/securitv/news/item/Security-improvements-in-Qpera- 
12-beta-1559714.html 



45. April 26, Help Net Security - (International) Hotmail remote password reset O-day 
bug found, patched. A critical security flaw affecting Microsoft's Hotmail was 
detected almost simultaneously by Vulnerability Lab researchers and a Saudi Arabian 
hacker and, until a temporary fix was made by Microsoft April 20, it was used by 
hackers to hijack users' Hotmail/Live account. "The vulnerability allows an attacker to 
reset the Hotmail/MSN password with attacker chosen values. Remote attackers can 
bypass the password recovery service to setup a new password and bypass in place 
protections (token based)," explained Vulnerability Lab's researchers. 

Source: http://www.net-security.org/secworld.php?id=12818&utm 

46. April 26, Softpedia - (International) Expert accidentally finds how DoS attacks can 
be launched via Google. A computer scientist working at New York University 
learned Google can be used to launch successful denial-of-service (DoS) attacks against 
sites with minimal effort. The researcher explained it started when he saw Amazon 
Web Services was charging him with 10 times the usual amount because of large 
amounts of outgoing traffic. After analyzing traffic logs, he was able to determine that 
every hour a total of 250 gigabytes of traffic was sent out because of Google’s 
Feedfetcher, the mechanism that allows the search engine to grab RSS or Atom feeds 
when users add them to Reader or the main page. It appears Google does not want to 
store the information on its own servers so it uses Feedfetcher to retrieve it every time, 
thus generating large amounts of traffic. This enabled the expert to discover how a 
Google feature can be easily used to launch attacks against a site simply by gathering 
several big URLs from the target and putting them in a spreadsheet or a feed. If the 
feed is placed into a Google service or a spreadsheet and the image(url) command is 
used, a DoS attacks is initiated. 

Source: http://news.softpedia.com/news/Expert-Accidentally-Finds-How-DQS- 
Attacks-Can-Be-Launched-Via-Google-266613.shtml 

47. April 26, Computerworld - (International) Obstinate' Conficker worm infests 
millions of PCs years later. April 25, Microsoft said the long- suppressed Conficker 
botnet is still actively infecting millions of new machines, giving Windows enterprise 
users a 2.5-year problem. Conficker infected or tried to infect 1.7 million Windows PCs 
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in the fourth quarter of 201 1, 3 years after it first appeared. The 1 .7 million was an 
uptick of 100,000 from the previous quarter, said Microsoft. The worm first appeared 
in the fall of 2008, exploiting a just-patched Windows vulnerability. It soon morphed 
into a more effective threat, adding new attack techniques, including one that relied on 
weaknesses in Windows XP's and Vista's AutoRun feature. By January 2009, some 
security firms estimated Conficker compromised millions of PCs. Concern about 
Conficker reached a crescendo when the media reported it would update itself April 1, 
2009. Because of the size of the Conficker botnet — estimates ran as high as 12 million 
— and other mysteries, hype ran at fever pitch. In the end, Conficker's April 1 update 
passed quietly. However, the worm, although prevented from communicating with its 
makers, has not completely disappeared. According to Microsoft, detections of 
Conficker jumped 225 percent since 2009. The current size of the Conficker botnet — 
those PCs now infected — is approximately 7 million, Microsoft claimed. 

Source: 

http://www.computerworld.eom/s/article/9226619/ Obstinate Conficker worm infests 
millions of PCs years later 

48. April 26, IDG News Service - (International) Most of the Internet's top 200,000 
HTTPS websites are insecure, group says. Ninety percent of the Internet's top 
200,000 HTTPS-enabled Web sites are vulnerable to known types of secure sockets 
layer (SSL) attack, according to a report released April 26 by the Trustworthy Internet 
Movement (TIM), a nonprofit organization dedicated to solving Internet security, 
privacy, and reliability problems. It is based on data from a new TIM project called 
SSL Pulse, which uses automated scanning technology developed by security vendor 
Qualys to analyze the strength of HTTPS implementations on Web sites in the top 1 
million published by Web analytics firm Alexa. SSL Pulse checks what protocols are 
supported by HTTPS-enabled Web sites, the key length used for securing 
communications, and the strength of the supported ciphers. An algorithm is used to 
interpret scan results and assign a score between 0 and 100 to each HTTPS 
configuration. The score is then translated into a grade, with A being the highest (over 
80 points). Half of the almost 200,000 Web sites in Alexa's top 1 million that support 
HTTPS received an A for configuration quality. The sites use a combination of modem 
protocols, strong ciphers, and long keys. Despite this, only 10 percent of the scanned 
Web sites were deemed truly secure. Seventy-five percent — around 148,000 — were 
found to be vulnerable to an attack known as BEAST, which can be used to decrypt 
authentication tokens and cookies from HTTPS requests. 

Source: 

http://www.computerworld.eom/s/article/9226623/Most of the Internet 39 s top 20 
0 000 HTTPS websites are insecure group says 

49. April 25, Ars Technica - (International) Backdoor in mission-critical hardware 
threatens power, traffic-control systems. Equipment running RuggedCom's Rugged 
Operating System networking gear has an undocumented account that cannot be 
modified and a password that is trivial to crack. According to researchers, for years the 
company did not warn the power utilities, military facilities, and municipal traffic 
departments using the industrial-strength gear the account can give attackers the means 
to sabotage operations that affect the safety of many people. The backdoor uses the 
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login ID of "factory" and a password recovered by plugging the media access control 
(MAC) address of the targeted device into a simple Perl script, according to a post 
published April 23 to the Full Disclosure security list. To make unauthorized access 
easy, paying customers of the Shodan computer search engine can find the IP numbers 
of more than 60 networks that use the vulnerable equipment. The first thing users who 
telnet into them see is its MAC address. Equipment running the Rugged Operating 
System act as the switches and hubs that connect programmable logic controllers to the 
computer networks used to send them commands. They may lie between the computer 
of a electric utility employee and the compact disk-sized controller that breaks a circuit 
when the employee clicks a button on their screen. To give the equipment added power, 
Rugged Operating System is fluent in the Modbus and DNP3 communications 
protocols used to natively administer industrial control and supervisory control and data 
acquisition systems. The U.S. Navy, the Wisconsin Department of Transportation, and 
Chevron are just three of the customers who rely on the gear, according to 
RuggedCom's Web site. 

Source: http://arstechnica.com/business/news/2012/04/backdoor-in-mission-critical- 
hardware-threatens-power-traffic-control-systems.ars?utm 

For more stories, see items 13, 39, 41, 50, and 51 

Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at sos@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: https://www.it-isac.org 
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Communications Sector 



50. April 25, Norfolk Virginian-Pilot - (Virginia) Verizon working to fix outage in 
Norfolk. Several hundred Verizon Communications Inc. customers in Norfolk, 
Virginia, lost telephone and Internet service after April 20, when a contractor for 
another company damaged underground cables. The contractor cut into two Verizon 
underground cables serving about 700 lines, a Verizon spokesman wrote in an e-mail. 
Verizon learned of the extent of the outage over the April 21 weekend, he wrote. 
Because some customers have more than one line into their homes or businesses, the 
number who lost service is likely less than 700, he wrote. The company hoped to 
replace the cable and restore service for all customers by April 26. The process is 
complicated because the conduit carrying the damaged cables had no room for 
additional lines, requiring repair workers to find an alternate path for the replacement 
cable, the spokesman wrote. 

Source: http://hamptonroads.com/2012/04/verizon-working-fix-outage-norfolk 

51. April 25, Whidbey Examiner - (Washington) Outage angers Whidbey Telecom 
customers. Residents on Whidbey Island, Washington endured 5 days of electronic 
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frustration the week of April 23 as Whidbey Telecom suffered a complete breakdown 
of its e-mail service during an equipment upgrade. The problems began April 20 as 
technicians worked on making changes to the equipment that handles e-mail. 

Customers had been warned in advance that a temporary outage was possible. But 
throughout the weekend of April 21, customers reported not being able to send or 
receive e-mail. For residential customers, it was mostly an inconvenience. But for small 
businesses that rely on the locally owned telecommunications firm for e-mail service, 
the outage that dragged on into the beginning of the week of April 23 had begun to 
threaten their bottom line. By about 8:30 a.m. April 25, some customers confirmed that 
their e-mail service was up and running again. 

Source: 

http://www.whidbevexaminer.com/main.asp?SectionID=l&SubSectionID=l&ArticleI 

D=7622 



For more stories, see items 43 and 45 
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Commercial Facilities Sector 



52. April 26, KPRC 2 Houston - (Texas) 2- Alarm fire destroys northwest Harris 
County apartments. A two-alarm fire damaged or destroyed more than a dozen 
apartments in Houston April 26. A gas line ruptured during the fire and power was cut 
off to the complex, officials said. The fire started in the building's laundry room. Fire 
officials said four apartments were destroyed, four others had water and smoke 
damage, and eight units had smoke damage. 

Source: http://www.click2houston.com/news/2-Alarm-fire-destroys-northwest-Harris- 
County-apartments/-/ 1735978/1 1 960298/-/wdw28nz/-/ 

53. April 24, Longmont Times-Call - (Colorado) Longmont churches targeted in 
burglaries. Police were investigating seven burglaries of six churches since April 17 in 
Longmont, Colorado, the Longmont Times-Call reported April 24. Burglars have either 
forced entry into the churches or gotten in through unlocked doors to steal cash from 
the churches. Gift cards worth several thousand dollars were stolen from a locked 
closet inside a locked office at Longs Peak United Methodist Church. Gift cards and 
small amounts of cash were also stolen from other churches in the area. 

Source: http://www.denverpost.com/crime/ci 204698 17/longmont-churches-targeted- 
burglaries 

For more stories, see items 5, 29, 38, 39, and 51 
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National Monuments and Icons Sector 



54. April 26, Associated Press - (Michigan) Wildfire in Michigan's Huron National 
Forest burns 1,500 acres. Authorities said a wildfire in Michigan's northern Lower 
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Peninsula burned at least 1,500 acres and forced the evacuation of about 50 homes. The 
fire burned near Mack Lake in Oscoda County's Mentor Township. The U.S. Forest 
Service said the fire was about 90 percent contained as of the morning of April 26. 
There were no reports of injuries or structures being burned. An American Red Cross 
shelter was set up in the nearby community of Mio. The fire is in the area of the Huron 
National Forest. The Oscoda County sheriffs department said the evacuated homes 
include some small subdivisions and most of them are seasonal homes. 

Source: http ://w w w .freep .com/article/20 1 20426/NEWS06/ 1 204260 1 1 AVildfire-in- 
Michigan-s-Huron-National-Forest-bums- 1 -500-acres 

55. April 26, WEWS 5 Cleveland - (Ohio) Train catches fire in the Cuyahoga Valley 
National Park. A train fire in Ohio's Cuyahoga Valley National Park kept three local 
fire departments busy from April 25 to April 26. According to the Brecksville fire 
chief, firefighters immediately began dragging hoses about 300 feet through the woods 
towards the train cars. He said one train car was fully involved in fire and a second one 
was beginning to catch fire. Firefighters were able to stop the fire from spreading to the 
second car. National Park rangers said people sometimes loiter in the area but they 
were not sure how the fire started. It was not known what the train cars were being used 
for or what was in them. There are no fire hydrants in the area so firefighters had to 
place mobile pools in the roadway and tank water to the scene. Brecksville was assisted 
by Richfield and Valley View fire departments for water tankers. 

Source: http://www.newsnet5.com/dpp/news/local news/oh cuyahoga/Train-catches- 
fire-in-the-Cuyahoga-Valley-National-Park 

56. April 25, Associated Press - (New Mexico) Texas man must pay $2.7M, serve 
probation for starting NM wildfire with used toilet paper. A man was ordered to 
pay $2.7 million in restitution for burning used toilet paper that sparked a wildfire, 
scorching nearly 83 square miles of a national forest in New Mexico. The man also was 
sentenced April 24 to 5 years of probation and ordered to complete 200 hours of 
community service. In October 2011, he pleaded guilty under a plea agreement to a 
misdemeanor charge stemming from the April 201 1 wildfire. Two other charges in an 
indictment were dismissed. The fire started when the man was with friends near a camp 
site, and he lit some used toilet paper on fire to keep from leaving behind litter. High 
winds sent sparks from the burning paper into nearby brush, and he and his friends 
were unable to control the fire in the area known as the Guadalupe Ranger District. The 
blaze eventually charred more than 53,000 acres in the Lincoln National Forest, 
through the Last Chance Canyon in Eddy County. The fire burned for several days and 
caused damage to four structures in the Sitting Bulls Falls Recreation area. 

Source: http://www.washingtonpost.com/lifestyle/travel/texas-man-must-pay-27rn- 
serve-probation-for-starting-nm- wildfire- with-used-toilet- 
paper/20 1 2/04/25/gIQAZYB JhT story.html 

For another story, see item 17 
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Dams Sector 



57. April 26, Yakima Herald- Republic - (Washington) Levee bolstered as Yakima 
County girds for high water. An excavator dumped rock along a Naches River levee 
near Gleed, Washington, April 25 after high flows from the Yakima and Naches rivers 
damaged the structure. Both rivers were expected to remain above flood stage into the 
weekend and crest during the week of April 30. The U.S. Army Corps of Engineers 
hired a contractor to begin the repairs after Yakima County commissioners declared a 
flood-related state of emergency April 25. The declaration allows the Corps to begin 
making repairs. Record high temperatures prompted the snow melt and the resulting 
high water. The National Weather Service issued a flood warning for the Naches River 
April 23, a day after the valley set a new record high temperature for the day. 

Source: http://www.vakima-herald.com/stories/2012/04/25/levee-bolstered-as-vakima- 
county-girds-for-high- water 

58. April 26, KAJ 18 Missoula - (Montana) Libby Dam flows reduced to help flooding 
worries. The U.S. Army Corps of Engineers reduced the outflow of water from the 
Libby Dam in northwest Montana from 16,000 cubic feet per second (cfs) to 14,000 cfs 
the week of April 23. Tributaries downstream from the dam were already swelling from 
snowmelt runoff. The National Weather Service office in Missoula issued a Flood 
Warning for the Fisher River in southern Lincoln County until further notice. The 
Fisher River was at flood stage, 7.5 feet, April 26, and minor flooding was reported in 
the area. The Flood Warning was extended for the Yaak River near Troy until further 
notice. As of April 26 the river was at 8.4 feet, above the flood stage of 8.0 feet. 

Source: http://www.kpax.com/news/libby-dam-flows-reduced-to-help-flooding- 
worries/ 



59. April 25, Cleveland Sun News - (Ohio) Berea's low-head dam removals 

begin. Workers began removing boulders and fallen timber from one of the low-head 
dams in Baldwin Creek near Berea, Ohio, April 25. They were in the creek next to the 
city's water plant. Three dams will be removed in the Baldwin Creek area to allow 
better fish passage and enhance the in-stream habitat. All three dams are on city 
property. Partners in the low-head dam removal project include the Cuyahoga Soil and 
Water Conservation District, the Rocky River Watershed, Cleveland Metroparks and 
the city. The project has been planned for about 2 years. 

Source: http://www.cleveland.com/berea/index.ssf/2012/04/bereas low- 
head dam removals b.html 



60. April 25, Associated Press - (Missouri; Illinois) Army Corps stands by decision to 
breach Birds Point levee, one year later. Nearly a year after the U.S. Army Corps of 
Engineers intentionally breached the Birds Point levee in southeast Missouri, Corps 
officials say the decision may have saved billions in damages. The Southeast 
Missourian reported farmers in the floodway are still reassessing costs. The Food and 
Agriculture Research Policy Institute estimated that crop losses alone amounted to $85 
million, and a broader economic impact exceeded $156 million. The Corps had 
authority to intentionally breach the levee to relieve pressure from the flooding 
Mississippi River, in part to save nearby Cairo, Illinois. The breach May 2, 2011, 
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flooded 130,000 acres of Missouri farmland. The Corps said the decision prevented 
more than $112 billion in damages along the Mississippi River and its tributaries. 
Source: http://articles .kv3.com/20 1 2-04-25/birds-point-levee 31401316 
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